Do I have malware?

How do I know if I have malware on my computer? I'm using Ubuntu 12.10. My HDD light is blinking a lot today. Usually it's quiet with a random blink. Today it's acting like my Windows load used to always do. Below is what my system log is showing ...

Re: Do I have malware?

To me the log seems normal. It could be that you are running out of RAM; if that is so, the system will start to swap, in other words write to the disk. You can see what is writing to the disk with the utility iotop. To install iotop, issue the command:

Code:

sudo apt-get install iotop

in a terminal. The program requires sudo rights to run.

Hope this helps you,
-lordievader.

Last edited by lordievader; February 13th, 2013 at 08:38 AM.

“There is no point in using the word 'impossible' to describe something that has clearly happened.” -Douglas Adams.

Re: Do I have malware?

Please enclose output in "code" marks before posting. It makes massive outputs far easier to parse. This can be done by highlighting the output and using the hash (#) button at the top of the posting box.

Re: output

I don't see anything alarming in your syslog. Syslog is only one of the logs you should be parsing routinely, but learning to read them is something of a black art. There's no easy way to learn because they record your system's low-level functions, which are inevitably technical and arcane. It doesn't help that Linux developers often use alarming-sounding labels and phrases to denote normal and innocuous processes. I've found that the best way to learn about the logs is to learn about Linux itself. For example, a daemon is simply a process like an app, but it runs unobtrusively in the background doing work that requires no user input or waiting for a specific event. The program that creates syslog itself is a daemon called syslogd. Avahi-daemon is another of your examples. This is a process that publishes and listens for services added to your network, like printers, network attached storage, etc. so that you don't have to specifically invoke a discovery process before seeing them. Some would consider it unnecessary bloat, but it is a part of most modern distros and not malign.

If you would like to understand more about Linux security, this is a wonderful primer. Please be aware that the first natural reaction to security when starting out tends to be paranoia and false positives. This is not necessarily a bad reaction so long as you step back and remind yourself every now and again that you are probably overreacting. However, we cannot fend off malware unless we stay vigilant. Better your type of reaction than the attitude I see so frequently from Windows migrants whose first question is all too often, "How do I turn off system password requests?"

That said, if you want to know what is creating all that disk I/O, do:

Code:

sudo apt-get install iotop

and then run iotop to see exactly what processes are hitting your HDD so hard.
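The swap explanation given in the first reply can be checked directly: the cumulative `pswpin`/`pswpout` counters in `/proc/vmstat` only rise when pages move to or from swap. The script below is an added example, not part of any post in this thread; the function names and the 100-page threshold are assumptions, and the demo snapshots are constructed.

```shell
#!/bin/sh
# Added example: does swapping explain the disk activity?
# Compares two snapshots of /proc/vmstat; pswpin/pswpout are cumulative
# counts of pages swapped in/out since boot.

# swap_delta BEFORE AFTER -> prints "<pages_in> <pages_out>" for the interval
swap_delta() {
    awk '
        FNR == NR { if ($1 == "pswpin" || $1 == "pswpout") b[$1] = $2; next }
        $1 == "pswpin" || $1 == "pswpout" { a[$1] = $2 }
        END {
            # Fail if either snapshot lacks the counters (e.g. empty file).
            if (!("pswpin" in b) || !("pswpout" in b)) exit 2
            if (!("pswpin" in a) || !("pswpout" in a)) exit 2
            printf "%d %d\n", a["pswpin"] - b["pswpin"], a["pswpout"] - b["pswpout"]
        }' "$1" "$2"
}

# swap_verdict BEFORE AFTER [THRESHOLD] -> prints "swapping" or "not-swapping"
swap_verdict() {
    threshold=${3:-100}   # assumed cut-off in pages per interval; tune it
    delta=$(swap_delta "$1" "$2") || return 2
    set -- $delta         # $1 = pages in, $2 = pages out
    if [ $(( $1 + $2 )) -ge "$threshold" ]; then
        echo swapping
    else
        echo not-swapping
    fi
}

demo() {
    dir=$(mktemp -d)
    # Constructed snapshots (not real measurements): 5 pages in, 500 out.
    printf 'pswpin 10\npswpout 20\n' > "$dir/before"
    printf 'pswpin 15\npswpout 520\n' > "$dir/after"
    swap_verdict "$dir/before" "$dir/after"
    rm -rf "$dir"
}

case "${1:-demo}" in
    live) a=$(mktemp); b=$(mktemp)
          cat /proc/vmstat > "$a"; sleep "${2:-5}"; cat /proc/vmstat > "$b"
          swap_verdict "$a" "$b"; rm -f "$a" "$b" ;;
    demo) demo ;;
esac
```

Run it with `live 10` to sample the real system for ten seconds. A `not-swapping` result while the disk is busy points to ordinary file I/O, which iotop attributes to individual processes.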

Re: Do I have malware?

Thanks so much for all the comments. I know just enough to be dangerous! But I also clearly understand that there are bad people trying to screw you. We must be vigilant. I used to spend hundreds of dollars on security software using Windows. What a relief to not have that problem any more! I will try to learn more about reading and understanding the log entries. But I'm old enough now that about 50% goes into my memory but never seems to stay. I will install iotop. And yes, I was downloading torrents, so this may have increased the activity, although I don't remember that causing this reaction in the past.